Detections
Analytics

CIS Apache HTTP Server 2.2 L2 v3.6.0

Audit Details

Name: CIS Apache HTTP Server 2.2 L2 v3.6.0

Updated: 11/1/2023

Authority: CIS

Plugin: Unix

Revision: 1.13

Estimated Item Count: 135

File Details

Filename: CIS_Apache_HTTP_Server_2.2_Benchmark_v3.6.0_Level_2.audit

Size: 470 kB

MD5: cde760b9191d4cf1e299f056525fcece
SHA256: 0154234f10149f6e16fd4f0a3ab419dc3a478c74f7d9011d673d91f27c96d9b2

Audit Changelog

 
Revision 1.13

Nov 1, 2023

Miscellaneous
  • Metadata updated.
  • Platform check updated.
Revision 1.12

Apr 12, 2023

Miscellaneous
  • Metadata updated.
  • Platform check updated.
  • Variables updated.
Revision 1.11

Mar 7, 2023

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.10

Jan 4, 2023

Miscellaneous
  • Metadata updated.
Revision 1.9

Dec 7, 2022

Functional Update
  • 12.1 Ensure the AppArmor Framework Is Enabled
  • 12.2 Ensure the Apache AppArmor Profile Is Configured Properly
  • 12.3 Ensure the Apache AppArmor Profile Is in Enforce Mode
  • 4.2 Ensure Appropriate Access to Web Content Is Allowed - 'No Order/Deny/Allow'
  • 4.2 Ensure Appropriate Access to Web Content Is Allowed - 'Require is configured'
  • 4.2 Ensure Appropriate Access to Web Content Is Allowed - 'httpd.conf Allow is configured'
  • 4.2 Ensure Appropriate Access to Web Content Is Allowed - 'httpd.conf Deny is configured'
  • 4.2 Ensure Appropriate Access to Web Content Is Allowed - 'httpd.conf Order Deny,Allow'
  • 5.2 Ensure Options for the Web Root Directory Are Restricted
  • 5.7 Ensure HTTP Request Methods Are Restricted - 'No Deny/Allow'
  • 5.7 Ensure HTTP Request Methods Are Restricted - 'Require all denied'
  • 5.7 Ensure HTTP Request Methods Are Restricted - 'httpd.conf Document Root LimitExcept = GET,POST or OPTIONS only'
  • 5.7 Ensure HTTP Request Methods Are Restricted - 'httpd.conf Document Root Order = Deny,Allow'
Miscellaneous
  • Variables updated.
Revision 1.8

Apr 25, 2022

Miscellaneous
  • Metadata updated.
Revision 1.7

Mar 29, 2022

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.6

Jun 17, 2021

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.5

Oct 5, 2020

Functional Update
  • 12.1 Ensure the AppArmor Framework Is Enabled
  • 12.2 Ensure the Apache AppArmor Profile Is Configured Properly
  • 12.3 Ensure the Apache AppArmor Profile Is in Enforce Mode
  • 6.7 Ensure the OWASP ModSecurity Core Rule Set Is Installed and Enabled - Active Rules
  • 6.7 Ensure the OWASP ModSecurity Core Rule Set Is Installed and Enabled - Inbound Anomaly Threshold
  • 6.7 Ensure the OWASP ModSecurity Core Rule Set Is Installed and Enabled - Outbound Anomaly Threshold
  • 6.7 Ensure the OWASP ModSecurity Core Rule Set Is Installed and Enabled - Paranoia Level
Revision 1.4

Sep 29, 2020

Miscellaneous
  • References updated.